At 7:38 AM 3/20/96, Daniel DuBois wrote:
>At 10:11 PM 3/19/96 -0500, John C Klensin wrote:
>>requirement. Even if we "require" that servers return an error message, it
>>just pushes the problem a bit further out. We will find, I'm afraid
>>inevitably, that some idiot will decide to not bother sending "host" in the
>>interest of a few extra cycles of efficiency and that other idiots will make
>>the server error message a configurable option, also in the interest of
>>efficiency. Extrapolation from the history of the Internet predicts to a
>>lot of such idiots.
>
>Those same idiots would enable 200 OK responses to HTTP/1.1 requests that
>don't have the full URL in the request line and use the 1.0 partial URL
>style, or they'd make the error response a configurable option. So it's a
>moot point.
I completely agree with Daniel here. To assume that "idiots" will change
the request URL handing correctly, but would not change the Host: handling
correctly, is plain silly.
In fact, I believe that of the two, they are *much* more likely to make
settings purposely allowing either form of request URLs than to make
settings allowing/disallowing Host: handling. This is the opposite of what
any of us wants.
As John says, we can't force correct action on the part of the server or
client makers. Both solutions give the same long-term gain: when they're
fully implemented, vanity IPv4 addresses go away. Given that, which of the
solutions will do the least short term harm? Clearly, forcing the "Host:"
header.
And, again, we can definitely put lots of public pressure on server and
browser makers who do it wrong. They'll be easy to determine, and easy to
lampoon. The folks in the now-popular Internet print press will report
incompatibility with HTTP/1.1 in a matter of days after the release of a
broken server or browser, if we educate them about the issue and purpose of
the feature. I grant you, this is not part of the IETF's engineering
charter, but it helps us get to that end quickly. :-)
--Paul Hoffman
--Internet Mail Consortium